Am 04.11.2006 um 21:16 schrieb Robert Sayre:
>
> On 11/4/06, Robert Sayre <sayrer@gmail.com> wrote:
>> "An HTTP client MUST NOT send a version for which it is not at least
>> conditionally compliant.'
>>
>
> Sorry, that's from RFC 2145. The send button was clicked a bit
> early. :)
>
> In any case, the requirements and semantics of HTTP version numbers
> seem clear as a bell to me. I don't see any interpretation that allows
> something as radical as the addition of a mandatory security mechanism
> without incrementing the version number.
+1.
And besides, I fail to see what shall be accomplished here. I get the
feeling that people think that waving the magic wand of specification
revisions will instantaneously change the world around them. It will
not.
If the spec would be changed in this way, all a reasonable server
could deduce from a HTTP/1.1 request is that the client *may*
implement the now mandatory to implement authentication schemes. That
seems a bit thin a gain compared to the current situation, e.g. the
server can assume that the client *may* implement basic and digest.
//Stefan